UN Server Hacked, Passwords Leaked

by John Lister on 20111201 @ 09:53AM EST | google it | send to friends
Filed under Security | (related terms: un, united nations, undp, corrupt organization, user)

More than a thousand usernames and passwords from the United Nations (UN) have been published online by hackers. However, initial indications are the attack may not have uncovered anything particularly important.

The information was published on Pastebin, a website commonly used by hackers releasing details, but who don't want their own sites to be swamped by high traffic. It was published in the name of 'Team Poison', arguably one of the two biggest hacking groups, alongside the better-known Anonymous. The two groups are believed to have recently formed an alliance to target financial institutions.

United Nations a "Corrupt Organization"

According to a related document, the hacking effort was provoked by a belief the UN is a corrupt organization that pushes for a "one world government" run by a "capitalist elite." (Source: theinquirer.net)

The user names and passwords, along with accompanying email addresses, appear to mostly come from the United Nations Development Program (UNDP), though staff of other UN groups are listed.

UNDP is a network which aims to help local governments in more than 175 countries work on programs such as reducing poverty, increasing democratic government, tackling Aids and dealing with environmental issues.

UN Passwords Woefully Inadequate

The attack reveals a major security problem for the UN. It appears many of the passwords are simply names, and some are as short as three characters.

Even worse, a large number of UN users used the exact same passwords -- a major security compromise. To cap things off, it appears some users have been able to access the system with only a user name, leaving the password blank.

UNDP now says the hacked server has been identified and taken offline. It reports that server has been in use since 2007 and none of the passwords are currently active. It also stressed that the public website itself was not compromised and there is no security risk for visitors. However, some experts have speculated the attackers were able to access the data through a flaw in the website itself.

A post on the Twitter account for Team Poison questions the claim that the affected server has been taken down. (Source: bbc.co.uk)

Free guide: Windows 8 Cheat Sheet: Touch and Mouse Gestures. Windows 8 brings a revolutionary way to use your mouse, touchpad, and touchscreen using 'gestures'. If you're new to gestures, you'll most certainly find them confusing - especially if you don't mean to invoke a gesture in the first place! That said, gestures are widely used on mobile and touch-based devices, and the technology is here to stay. Gestures can be a huge time-saver (similar to keyboard shortcuts) once you understand how to use them. For example, you can use gestures to move objects from one location to the next, zoom in, zoom out, enter passwords, and similar. This Windows 8 gesture cheat sheet is designed to make your life easier by demonstrating and explaining the basics. Print, share, and enjoy! Click here to download this guide now! Note: this guide is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.

Free Newsletter

Stay informed -- get our timely news delivered via email or RSS!

Most Clicked Stories
(In the Past 15 Days)

Freebies

Recommended Sites

DownloadMix.com: More Freeware + Shareware

About

Established in 2001 and read by over 250,000 users world-wide, infopackets features the latest in headline news based on MS Windows, Internet, and technology trends. Subscription to our website is free! Join our discussion list, today!